package com.topvision.auth.security;

import com.topvision.auth.domain.SysUser;
import com.topvision.auth.domain.SysUserAccount;
import com.topvision.auth.service.SysUserAccountService;
import com.topvision.auth.service.SysUserService;
import com.topvision.common.enumeration.JobStatus;
import com.topvision.common.exception.BusinessException;
import com.topvision.common.security.SecurityErrorPrompt;
import com.topvision.common.security.UserInfo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

import javax.inject.Inject;
import java.util.List;
import java.util.stream.Collectors;

/**
 * @author HanFeng
 * @version V0.0.1
 * @Title: CustomAuthenticationProvider
 * @Package com.yonghui.security.security
 * @Description: TODO
 * @date 2017/5/6
 */
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
    @Inject
    private BCryptPasswordEncoder encoder;

    @Inject
    private SysUserService userService;
    @Autowired
    private SysUserAccountService sysUserAccountService;

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Assert.notNull(authentication, "No authentication data provided");

        String username = (String) authentication.getPrincipal();
        String password = (String) authentication.getCredentials();

        // 获取用户账号
        SysUserAccount userAccount = sysUserAccountService.findUserAccount(username);

        //  验证用户密码
        if (!encoder.matches(password, userAccount.getPassword())) {
            throw new BusinessException(SecurityErrorPrompt.SEED_MICRO_SECURITY_STATUS_10003.getValue(), SecurityErrorPrompt.SEED_MICRO_SECURITY_STATUS_10003.getLabel());
        }

        // 获取用户信息
        SysUser user = userService.findById(userAccount.getUserId());



        // 获取用户授权信息
       // List<String> groups = userService.findGroupWithUserId(userAccount.getUserId());
        List<GrantedAuthority> authorities = user.getAuthorities().stream().collect(Collectors.toList());

        // 没有权限则登录失败
        if (authorities.isEmpty()) {
            throw new BusinessException(SecurityErrorPrompt.SEED_MICRO_SECURITY_STATUS_10005.getValue(), SecurityErrorPrompt.SEED_MICRO_SECURITY_STATUS_10005.getLabel());
        }


        UserInfo userInfo = UserInfo.create(user.getId(), userAccount.getAccount(),userAccount.getPassword(), true, user.getUsername(), user.getMobile(), user.getEmail(), authorities);

        return new UsernamePasswordAuthenticationToken(userInfo, null, userInfo.getAuthorities());
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
    }
}
